Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: add self signed jwt support #1420

Merged
merged 2 commits into from Aug 16, 2021
Merged

feat: add self signed jwt support #1420

merged 2 commits into from Aug 16, 2021

Conversation

arithmetic1728
Copy link
Contributor

@arithmetic1728 arithmetic1728 commented Jun 29, 2021
edited

Add UseJwtAccessWithScope property to GoogleCredentialsProvider, which passes the property value to ServiceAccountCredentials to trigger self signed JWT.

This property will be set by GAPIC clients, example PR: arithmetic1728/java-kms#3

@google-cla google-cla bot added the cla: yes label Jun 29, 2021
@arithmetic1728 arithmetic1728 mentioned this pull request Jun 29, 2021
Merged
@arithmetic1728 arithmetic1728 changed the title feat: add self signed jwt support [WIP] feat: add self signed jwt support Jul 21, 2021
@suztomo
Copy link
Member

@suztomo suztomo commented Jul 21, 2021
edited 

Jul 21, 2021 5:57:02 AM com.google.cloud.tools.dependencies.linkagemonitor.LinkageMonitor run
SEVERE: Newly introduced problem:
(com.google.auth:google-auth-library-oauth2-http:0.26.0) com.google.auth.oauth2.ServiceAccountCredentials's method createWithUseJwtAccessWithScope(boolean) is not found
  referenced from com.google.api.gax.core.GoogleCredentialsProvider (com.google.api:gax:1.67.1-SNAPSHOT)

com.google.auth:google-auth-library-oauth2-http:0.26.0 is at:
  com.google.auth:google-auth-library-oauth2-http:0.26.0 (compile)
  and 96 other dependency paths.
com.google.api:gax:1.67.1-SNAPSHOT is at:
  com.google.api:gax:1.67.1-SNAPSHOT (compile)
  and 2 other dependency paths.

Linkage Monitor checks linkage errors in the following step:

  • It creates a temporary BOM based on the latest release of libraries-bom (20.8.0). It modifies the version of gax with this 1.67.1-SNAPSHOT because this repository generates the artifacts.
    This doesn't modify google-auth-library-oauth2-http version, keeping version 0.26.0, because this repository doesn't have it.
  • It runs linkage checker for the class path generated from the temporary BOM
    The class path contains GAX 1.67.1-SNAPSHOT and google-auth-library-oauth2-http 0.26.0.

Because GAX 1.67.1-SNAPSHOT uses a new method in google-auth-library-oauth2-http 0.27.0. It's a new linkage error.

I'm thinking how to resolve this. (GoogleCloudPlatform/cloud-opensource-java#2137)

For now, it requires a new release of the shared dependencies BOM and the Libraries BOM before merging this change.

@suztomo suztomo mentioned this pull request Jul 21, 2021
Open
@arithmetic1728 arithmetic1728 mentioned this pull request Jul 22, 2021
Merged
@arithmetic1728 arithmetic1728 marked this pull request as ready for review Jul 27, 2021
@arithmetic1728 arithmetic1728 requested review from as code owners Jul 27, 2021
@arithmetic1728 arithmetic1728 added the do not merge label Jul 27, 2021
@arithmetic1728
Copy link
Contributor Author

@arithmetic1728 arithmetic1728 commented Jul 27, 2021

Added do not merge while we are waiting for auth lib to be updated in library-bom

TimurSadykov
TimurSadykov approved these changes Jul 28, 2021
View changes
Copy link
Member

@TimurSadykov TimurSadykov left a comment

LGTM

@suztomo
Copy link
Member

@suztomo suztomo commented Aug 16, 2021

I just released a new version of the Libraries BOM that contains the auth library 1.0.0. It may take time (few hours) for Maven to show it as the latest version.

@arithmetic1728 arithmetic1728 removed the do not merge label Aug 16, 2021
@arithmetic1728 arithmetic1728 merged commit ed39c34 into master Aug 16, 2021
8 checks passed
@arithmetic1728 arithmetic1728 deleted the self_signed_jwt branch Aug 16, 2021
gcf-merge-on-green bot pushed a commit that referenced this issue Aug 16, 2021
@release-please
chore: release 2.3.0 (#1461)
6592b69 
🤖 I have created a release \*beep\* \*boop\*
---
## [2.3.0](https://www.github.com/googleapis/gax-java/compare/v2.2.0...v2.3.0) (2021-08-16)


### Features

* add custom options to ApiCallContext ([#1435](https://www.github.com/googleapis/gax-java/issues/1435)) ([0fe20f3](https://www.github.com/googleapis/gax-java/commit/0fe20f379feba1570e562e60e3f0bf7cc4e485bd))
* add UseJwtAccessWithScope to GoogleCredentialsProvider ([#1420](https://www.github.com/googleapis/gax-java/issues/1420)) ([ed39c34](https://www.github.com/googleapis/gax-java/commit/ed39c34693783460fc03effb47e7027914cfb5bc))
---


This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please).
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@TimurSadykov TimurSadykov

@miraleung miraleung

@googleapis/yoshi-java yoshi-java

Assignees
No one assigned
Labels
cla: yes
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@arithmetic1728 @suztomo @TimurSadykov @miraleung